CVE-2025-53628— cpp-httplib does not limit the length of a line
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-53628
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cpp-httplib does not limit the length of a line
Source: NVD (National Vulnerability Database)
Vulnerability Description
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.20.1, cpp-httplib does not have a limit for a unique line, permitting an attacker to explore this to allocate memory arbitrarily. This vulnerability is fixed in 0.20.1. NOTE: This vulnerability is related to CVE-2025-53629.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不可达退出条件的循环(无限循环)
Source: NVD (National Vulnerability Database)
Vulnerability Title
cpp-httplib 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
cpp-httplib是yhirose个人开发者的一款使用C++语言编写的HTTP/HTTPS服务器和客户端库。 cpp-httplib 0.20.1之前版本存在安全漏洞,该漏洞源于未限制唯一行长度,可能导致任意内存分配。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| yhirose | cpp-httplib | < 0.20.1 | - |
II. Public POCs for CVE-2025-53628
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-53628
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: cpp-httplib
- CVE-2026-34441
cpp-httplib: HTTP Request Smuggling via Unconsumed GET Reque - CVE-2026-33745
cpp-httplib Client Leaks Authentication Credentials to Untru - CVE-2026-32627
cpp-httplib has a Silent TLS Certificate Verification Bypass - CVE-2026-31870
cpp-httplib Affected by Remote Process Crash via Malformed C - CVE-2026-29076
cpp-httplib: Stack Overflow Denial of Service (DoS) via std:
Same vendor: yhirose
- CVE-2026-34441
cpp-httplib: HTTP Request Smuggling via Unconsumed GET Reque - CVE-2026-33745
cpp-httplib Client Leaks Authentication Credentials to Untru - CVE-2026-32627
cpp-httplib has a Silent TLS Certificate Verification Bypass - CVE-2026-31870
cpp-httplib Affected by Remote Process Crash via Malformed C - CVE-2026-29076
cpp-httplib: Stack Overflow Denial of Service (DoS) via std:
Same weakness: CWE-835
- CVE-2026-42310
Pillow: PDF Parsing Trailer Infinite Loop (DoS) - CVE-2026-41511
OpenMcdf has an Infinite loop DoS via crafted CFB directory - CVE-2026-5407
Loop with Unreachable Exit Condition ('Infinite Loop') in Wi - CVE-2026-6536
Loop with Unreachable Exit Condition ('Infinite Loop') in Wi - CVE-2026-6534
Loop with Unreachable Exit Condition ('Infinite Loop') in Wi
V. Comments for CVE-2025-53628
No comments yet